Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
734813
AlmaLinux
5131
Alpaquita
11161
Alpine
4284
Android
2912
Azure Linux
12016
BellSoft Hardened Containers
521
Bitnami
8166
Chainguard
7206
CleanStart
1516
CRAN
14
crates.io
2490
Debian
58691
Echo
4122
GHC
3
GIT
90522
GitHub Actions
54
Go
7848
Hackage
32
Hex
142
Julia
958
Linux
25191
Mageia
6002
Maven
6604
MinimOS
75266
npm
220956
NuGet
1750
opam
18
openEuler
7055
openSUSE
13137
OSS-Fuzz
3946
Packagist
6560
Pub
11
PyPI
20293
Red Hat
20783
Rocky Linux
3497
Root
16092
RubyGems
2000
SUSE
20939
SwiftURL
58
TuxCare
5803
Ubuntu
56318
VSCode
20
Wolfi
4725
ID
Packages
Summary
Published
arrow_upward
Attributes
CVE-2026-54917
github.com/seaweedfs/seaweedfs
SeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket access
15 hours ago
Fix available
Severity - 7.8 (High)
CVE-2026-56779
github.com/1panel-dev/maxkb
MaxKB < 2.10.0 - Server-Side Request Forgery via downloadCallbackUrl and download_url Parameters
15 hours ago
Fix available
Severity - 5.3 (Medium)
CVE-2026-56774
github.com/kanboard/kanboard
Kanboard - Cross-User Deletion of Persistent Login Sessions via Unvalidated Session ID
15 hours ago
No fix available
Severity - 5.3 (Medium)
CVE-2026-56772
github.com/samuelclay/newsblur
NewsBlur < 14.5.0 - Insecure Direct Object Reference in Social Interactions Endpoint
15 hours ago
Fix available
Severity - 5.3 (Medium)
CVE-2026-56771
github.com/samuelclay/newsblur
NewsBlur < 14.5.0 - Server-Side Request Forgery via add_url Endpoint
15 hours ago
Fix available
Severity - 6.3 (Medium)
CVE-2026-56770
github.com/schwehr/libais
libais 0.15 - Out-of-bounds Vector Access in VdmStream::AddLine via Invalid Sequential Message ID
15 hours ago
No fix available
Severity - 8.7 (High)
CVE-2026-46608
github.com/nicolargo/glances
Glances: XML-RPC Multi-Origin CORS Configuration Silently Falls Back to Wildcard (Incomplete Fix for CVE-2026-33533)
15 hours ago
Fix available
Severity - 7.4 (High)
CVE-2026-56769
github.com/hcengineering/platform
Huly Platform - Server-Side Request Forgery via /import Endpoint
15 hours ago
No fix available
Severity - 6.3 (Medium)
CVE-2026-56768
github.com/haiwen/seahub
Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method
15 hours ago
Fix available
Severity - 8.7 (High)
CVE-2026-46607
github.com/nicolargo/glances
Glances: Insecure Pickle Deserialization in Version Cache Leads to Arbitrary Code Execution
15 hours ago
Fix available
Severity - 7.8 (High)
CVE-2026-53925
github.com/nicolargo/glances
Glances: Arbitrary file write and command execution via
`
secure_popen
`
redirection and chaining operators in AMP command configuration
15 hours ago
Fix available
Severity - 7.8 (High)
CVE-2026-56767
github.com/getmaxun/maxun
Maxun < 0.0.42 - Cross-Tenant IDOR in Storage and Webhook API Handlers
15 hours ago
Fix available
Severity - 8.7 (High)
CVE-2026-46606
github.com/nicolargo/glances
Glances: Command Injection via KVM/QEMU VM Domain Names in glances/plugins/vms/engines/virsh.py
15 hours ago
Fix available
Severity - 7.8 (High)
CVE-2026-56766
github.com/vanhauser-thc/thc-hydra
Hydra - Stack Buffer Overflow in NTLM Authentication Handler
15 hours ago
No fix available
Severity - 8.6 (High)
CVE-2026-46611
github.com/nicolargo/glances
Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack
15 hours ago
Fix available
Severity - 5.3 (Medium)
CVE-2026-54090
github.com/filebrowser/filebrowser
File Browser: Command Allowlist Bypass via Shell Metacharacter Injection
15 hours ago
Fix available
Severity - 8.7 (High)
Load more...
GIT - OSV